Techniques are described for metadata processing that can be used to encode an arbitrary number of security policies for code running on a processor. Metadata may be added to every word in the system and a metadata processing unit may be used that works in parallel with data flow to enforce an arbitrary set of policies. In one aspect, the metadata may be characterized as unbounded and software programmable to be applicable to a wide range of metadata processing policies. Techniques and policies have a wide range of uses including, for example, safety, security, and synchronization. Additionally, described are aspects and techniques in connection with metadata processing in an embodiment based on the RISC-V architecture.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method of generating and using metadata tags comprising: storing a bootstrap tag in a first specified register of a plurality of specified registers used in a metadata processing domain that is isolated from a code execution domain, the metadata processing domain being operative to determine whether to allow execution of a current instruction of the code execution domain in accordance with a set of one or more policies; and performing first processing to derive one or more additional metadata tags from the bootstrap tag, wherein said first processing includes executing one or more instructions in the code execution domain that trigger metadata processing of one or more rules in the metadata processing domain.
2. The method of claim 1, wherein the bootstrap tag is used as an initial seed tag from which all other metadata tags, used by the metadata processing domain, are derived.
3. The method of claim 1, wherein the bootstrap tag is hardwired or stored in a portion of read-only memory.
4. The method of claim 1, wherein said storing and the first processing are included in processing performed by executing a first code portion of a bootstrap program when booting a system including the metadata processing domain and the code execution domain.
5. The method of claim 1, further comprising: deriving a default tag from the bootstrap tag stored in the first specified register; storing the default tag in a second specified register of the plurality of specified registers; and executing an instruction sequence triggering metadata processing of rules in the metadata processing domain that write the default tag from the second specified register as a metadata tag for each of a plurality of memory locations used by the code execution domain.
6. The method of claim 1, wherein said performing the first processing includes generating an initial set of metadata tags derived from the bootstrap tag, wherein each of the metadata tags of the initial set is generated by executing a current instruction in the code execution domain that triggers rule cache miss processing in the metadata processing domain whereby no rule exists in the rule cache for the current instruction, the rule cache including rules on metadata used by the metadata processing domain to define allowed operations.
7. The method of claim 6, wherein rule cache miss processing includes: calculating, by a rule cache miss handler executing in the metadata processing domain, a new rule for the current instruction, wherein the new rule includes a result metadata tag of the initial set of metadata tags.
8. The method of claim 6, wherein each metadata tag of the initial set is a tag generator that may be further used to derive other metadata tags.
9. The method of claim 8, wherein execution of a first set of one or more specified instructions triggers rules and rule cache miss processing in the metadata processing domain that generates each metadata tag denoted as a tag generator used to generate a sequence of one or more other metadata tags, and wherein execution of a second set of one or more specified instructions triggers rules and rule cache miss processing in the metadata processing domain that generates each metadata tag denoted as a non-generating tag that cannot be used to further generate an additional metadata tag.
10. The method of claim 8, wherein the initial set of metadata tags includes any one or more of: an initial instruction metadata tag that is a tag generator used to generate a sequence of one or more code tags used to tag instructions; an initial malloc metadata tag that is a tag generator used to generate a sequence of one or more other malloc tag generators, wherein each of the one or more other malloc tag generators is used to generate a sequence of one or more other metadata tags for a different application in connection with coloring any of allocated memory cells and pointers to allocated memory cells used by the different application; an initial control flow integrity tag that is a tag generator used to generate a sequence of one or more other control flow integrity tag generators, wherein each of the one or more other control flow integrity tag generators is used to generate a sequence of one or more other metadata tags for a different application in connection with tagging control transfer targets of the different application; and an initial taint tag that is a tag generator used to generate a sequence of one or more other taint tag generators, wherein each of the one or more other taint tag generators is used to generate a sequence of one or more other metadata taint tags for a different application in connection with tagging data items that are used by the different application with a metadata taint tag based on code that produced or modified the data items.
11. The method of claim 6, wherein the bootstrap program further includes instructions that trigger rules processed in the metadata processing domain that write one or more special metadata code tags on one or more instructions of designated code portions to provide an extended privilege, capability or authority to the tagged one or more instructions.
12. The method of claim 11, wherein the designated code portions include one or more of kernel code and loader code.
13. The method of claim 11, wherein the one or more special metadata code tags are derived from a first metadata tag of the initial set of metadata tags, wherein the first metadata tag is a special instruction tag generator.
14. The method of claim 1, wherein a sequence of metadata tags is generated by executing instructions that trigger other processing of rules in the metadata processing domain, the other processing comprising: generating a next metadata tag in the sequence using a current metadata tag in the sequence, wherein the current metadata tag denotes a current state of the sequence and is stored as a metadata tag associated with an atom, wherein the atom is any of a register or a memory location; and updating the current state of the sequence by saving the next metadata tag as the metadata tag associated with the atom.
15. A method of obtaining control flow information for an application comprising: executing a loader that loads the application for execution by a processor, wherein said executing the loader includes executing a first code portion including one or more instructions that triggers metadata processing of a first set of one or more rules in a metadata processing domain, the metadata processing domain being operative to determine whether to allow execution of a current instruction of the code execution domain in accordance with a set of one or more policies, wherein said metadata processing of the first set of one or more rules includes collecting and storing the control flow information for the application as application metadata accessible to the metadata processing domain and inaccessible to a code execution domain; and executing instructions of the application in the code execution domain, wherein said executing said instructions of the application triggers metadata processing of a second set of rules of a control flow policy that use at least a portion of the control flow information to determine whether to allow a transfer of control in the application from a first source location to a first target location.
16. The method of claim 15, wherein the first target location has a set of one or more allowable source locations allowed to transfer control to the first target location.
17. The method of claim 16, wherein said collecting and storing the control flow information for the application as application metadata further comprises the metadata processing domain performing other processing including: tagging the first target location with first metadata identifying the set of one or more allowable source locations, wherein the first metadata is stored as a portion of the control flow information of the application metadata.
18. The method of claim 17, wherein a first instruction of the application transfers control from the first source location to the first target location, the first instruction triggering metadata processing of one or more rules of the control flow policy that use the first metadata to determine whether to allow execution of the first instruction by determining whether the first source location is included in the set of one or more allowable source locations allowed to transfer control to the first target location.
19. The method of claim 18, wherein the other processing further includes: tagging each allowable source location of the set with a unique source metadata tag.
20. The method of claim 19, wherein each unique source metadata tag of each allowable source location is included in a first sequence of source metadata tags for the application, wherein the first sequence is a unique sequence of source metadata tags generated from a control flow generator tag.
21. The method of claim 20, wherein the control flow generator tag is generated from an initial control flow generator tag derived from an initial bootstrap tag.
22. The method of claim 21, wherein the initial control flow generator tag is used to generate a plurality of additional control flow generator tags and wherein each of the additional control flow generator tags is used to generate a sequence of unique source metadata tags for a different application.
23. A non-transitory computer readable medium comprising code stored thereon that, when executed, performs a method of generating and using metadata tags comprising: storing a bootstrap tag in a first specified register of a plurality of specified registers used in a metadata processing domain that is isolated from a code execution domain, the metadata processing domain being operative to determine whether to allow execution of a current instruction of the code execution domain in accordance with a set of one or more policies; and performing first processing to derive one or more additional metadata tags from the bootstrap tag, wherein said first processing includes executing one or more instructions in the code execution domain that trigger metadata processing of one or more rules in the metadata processing domain.
24. A system comprising: a processor; and a memory comprising code stored thereon that, when executed, performs a method of generating and using metadata tags comprising: storing a bootstrap tag in a first specified register of a plurality of specified registers used in a metadata processing domain that is isolated from a code execution domain, the metadata processing domain being operative to determine whether to allow execution of a current instruction of the code execution domain in accordance with a set of one or more policies; and performing first processing to derive one or more additional metadata tags from the bootstrap tag, wherein said first processing includes executing one or more instructions in the code execution domain that trigger metadata processing of one or more rules in the metadata processing domain.
25. A non-transitory computer readable medium comprising code stored thereon that, when executed, performs a method of obtaining control flow information for an application comprising: executing a loader that loads the application for execution by a processor, wherein said executing the loader includes executing a first code portion including one or more instructions that triggers metadata processing of a first set of one or more rules in a metadata processing domain, the metadata processing domain being operative to determine whether to allow execution of a current instruction of the code execution domain in accordance with a set of one or more policies, wherein said metadata processing of the first set of one or more rules includes collecting and storing the control flow information for the application as application metadata accessible to the metadata processing domain and inaccessible to a code execution domain; and executing instructions of the application in the code execution domain, wherein said executing said instructions of the application triggers metadata processing of a second set of rules of a control flow policy that use at least a portion of the control flow information to determine whether to allow a transfer of control in the application from a first source location to a first target location.
26. A system comprising: a processor; and a memory comprising code stored thereon that, when executed, performs a method of obtaining control flow information for an application comprising: executing a loader that loads the application for execution by a processor, wherein said executing the loader includes executing a first code portion including one or more instructions that triggers metadata processing of a first set of one or more rules in a metadata processing domain, the metadata processing domain being operative to determine whether to allow execution of a current instruction of the code execution domain in accordance with a set of one or more policies, wherein said metadata processing of the first set of one or more rules includes collecting and storing the control flow information for the application as application metadata accessible to the metadata processing domain and inaccessible to a code execution domain; and executing instructions of the application in the code execution domain, wherein said executing said instructions of the application triggers metadata processing of a second set of rules of a control flow policy that use at least a portion of the control flow information to determine whether to allow a transfer of control in the application from a first source location to a first target location.
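The two mechanisms the claims describe, tag derivation from a bootstrap tag through rule-cache miss handling (claims 1 to 14) and a loader-populated control-flow policy that tags each target with its allowed sources (claims 15 to 22), modelled together in software. This is an added illustration, not the patented implementation or any vendor's code; the class and function names, the tuple encoding of tags, the rule operations (`derive`, `next`, `jump`) and the sample addresses are all constructed for the example.

```python
# Added model, not the patented implementation: names and addresses are constructed.
BOOTSTRAP = ("bootstrap", 0)   # hardwired seed tag held in a metadata register

class MetadataDomain:
    """Metadata side; the code domain never reads a tag, only allow/deny."""
    def __init__(self):
        self.reg = {"boot": BOOTSTRAP}  # specified metadata-domain registers
        self.cache = {}                 # rule cache: (op, operand tags) -> result
        self.misses = 0
        self.src_tag = {}               # source location -> unique source tag
        self.allowed = {}               # target location -> frozenset of source tags
        # initial generators, each derived from the bootstrap tag (claim 10)
        for kind in ("code", "malloc", "cfi", "taint"):
            self.reg[kind] = self.rule("derive", BOOTSTRAP, kind)
    def rule(self, op, *tags):
        """Rule-cache lookup; a miss invokes the handler, which installs a rule."""
        key = (op,) + tags
        if key not in self.cache:
            self.misses += 1
            self.cache[key] = self.miss_handler(op, *tags)
        return self.cache[key]

    def miss_handler(self, op, *tags):
        if op == "derive":              # child generator from a parent generator
            (kind, _), child = tags
            return (kind + "/" + child, 0)
        if op == "next":                # the tag itself is the sequence state
            kind, n = tags[0]
            return (kind, n + 1)
        if op == "jump":                # control-flow rule: is src an allowed source?
            src, allowed = tags
            return src in allowed
        raise ValueError("no policy for " + op)

    def fresh(self, gen):
        """Advance the generator in register `gen`; the new tag is the new state."""
        self.reg[gen] = self.rule("next", self.reg[gen])
        return self.reg[gen]

def load_app(md, app, edges):
    """Loader: per-app CFI generator, unique tag per source, allowed-source set
    per target (claims 17, 19, 22). edges = [(source_pc, target_pc), ...]."""
    gen = "cfi/" + app
    md.reg[gen] = md.rule("derive", md.reg["cfi"], app)
    for s, t in edges:
        if s not in md.src_tag:
            md.src_tag[s] = md.fresh(gen)
        md.allowed[t] = md.allowed.get(t, frozenset()) | {md.src_tag[s]}

def transfer(md, src, dst):
    """Transfer src -> dst triggers the jump rule; an untagged src or dst is denied."""
    return md.rule("jump", md.src_tag.get(src), md.allowed.get(dst, frozenset()))
```

A second identical transfer is served from the rule cache without re-running the handler, which is the cost model the rule cache is there for; a source tagged under one application's generator can never satisfy a target tagged under another's.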
December 12, 2016
March 2, 2021